{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:bccc8179-7662-54bc-b90f-66a3c83bb867", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3", "type": "library", "group": "org.eclipse.jetty", "name": "jetty-server", "version": "9.4.48.v20220622-tuxcare.3", "purl": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:05d50f94-98cd-5509-a8da-6dcb7f3dac0d", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9da5e1f4-4cd4-535e-9e8f-8c8ddbf96308", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:ccfb8a5d-4829-5ee1-986a-5e717b6279f6", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:337f612f-b189-5223-8fc5-43147ba1ebd9", "id": "CVE-2023-26048", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26048 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:01f13da5-698d-553e-9e1f-8807f1c1b3c8", "id": "CVE-2023-26049", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-26049 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:db27a5a2-ba6e-51f1-8008-ac8208401c31", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:2bb17646-009d-58b0-854e-d992b4adfd14", "id": "CVE-2023-36479", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-36479 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dfda90f0-8d5d-5ef0-877d-7b0aff52248c", "id": "CVE-2023-40167", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-40167 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:7ce51dfe-70df-5d99-8c7b-25de0b304b4a", "id": "CVE-2023-41900", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-41900 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:4d710ed5-f3cc-54ad-89d4-7f1b45d4754f", "id": "CVE-2023-44487", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2023-44487 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:a7837c72-0f53-50aa-8214-e8b60e64bcf4", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:dce138b6-72e1-536c-bf93-2be9e218f77f", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:bbde7d1a-9045-5a21-9cf0-654669d2d66a", "id": "CVE-2024-6762", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-6762 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:5c353f12-3277-51b3-b420-5e23a73f0d84", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:aea3fcfd-ecc5-54cc-a528-2dd2ed07c5a1", "id": "CVE-2024-8184", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-8184 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:649ef31d-4ab7-5d19-a22f-45ff0be7da21", "id": "CVE-2024-9823", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-9823 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:74a36346-e6ce-5e58-abce-e31a4c092ae3", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:9bcd9990-e9b6-5590-baa4-52421cab2641", "id": "CVE-2025-5115", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-5115 is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:e77dd027-39b5-51d2-be8f-a98c8bb24455", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:8a5eb266-d57e-56b7-a15c-84559a14971c", "id": "CVE-2026-2332", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-2332 affects version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }, { "bom-ref": "urn:uuid:badc89cd-234f-5820-9159-b6971b76bae2", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "resolved", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh is fixed in version 9.4.48.v20220622-tuxcare.3 of org.eclipse.jetty:jetty-server." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty/jetty-server@9.4.48.v20220622-tuxcare.3" } ] }